Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6620B7FE3E1F11F09736D5C5DAE4EC9C.roa
File: 6620B7FE3E1F11F09736D5C5DAE4EC9C.roa (raw, json)
Hash identifier: GhKwNhJTeDp3B9nKVYo21Aw+f4tf0l/ycRjXQyIC3VU=
Subject key identifier: DD:0D:51:56:93:08:EF:1F:F4:F6:7A:4B:BB:DA:3F:A5:F0:9D:48:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01590A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6620B7FE3E1F11F09736D5C5DAE4EC9C.roa
Signing time: Sat 31 May 2025 13:01:43 +0000
ROA not before: Sat 31 May 2025 13:01:38 +0000
ROA not after: Tue 08 Jul 2025 13:01:38 +0000
asID: 62084
IP address blocks: 156.247.20.0/24 maxlen: 24
156.247.21.0/24 maxlen: 24
156.247.22.0/24 maxlen: 24
156.247.23.0/24 maxlen: 24
156.254.96.0/24 maxlen: 24
156.254.97.0/24 maxlen: 24
156.254.98.0/24 maxlen: 24
156.254.99.0/24 maxlen: 24
156.254.100.0/24 maxlen: 24
156.254.101.0/24 maxlen: 24
156.254.102.0/24 maxlen: 24
156.254.103.0/24 maxlen: 24
156.254.104.0/24 maxlen: 24
156.254.105.0/24 maxlen: 24
156.254.106.0/24 maxlen: 24
156.254.107.0/24 maxlen: 24
156.254.108.0/24 maxlen: 24
156.254.109.0/24 maxlen: 24
156.254.110.0/24 maxlen: 24
156.254.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88330 (0x1590a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 31 13:01:38 2025 GMT
Not After : Jul 8 13:01:38 2025 GMT
Subject: CN=683afdb7-b206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:8f:a1:19:62:98:ca:b7:ee:7b:3e:df:11:
be:45:97:92:82:c0:3e:7f:7f:8e:e1:b0:b0:f8:46:
ac:d2:3d:77:c1:f4:17:35:70:55:c2:ff:4b:11:52:
82:ed:07:7f:20:a1:43:68:cf:37:6a:79:31:32:d5:
4d:e0:f5:a8:70:e0:d0:b3:be:1b:3f:5c:28:22:e6:
44:78:50:82:1e:c6:52:df:f3:25:7d:58:1c:14:00:
ab:8b:2b:25:54:47:b6:6a:fb:d3:00:5c:7c:dd:7e:
d5:e1:74:58:93:fe:30:64:5b:c2:7f:f7:69:2b:4c:
a2:72:f1:c6:ff:0a:2d:fa:12:49:e7:e3:e3:27:6a:
55:1e:8c:f8:0f:f9:2d:98:88:da:f2:cc:fb:a9:7d:
02:07:7b:f9:c1:41:25:49:fe:d5:aa:61:8e:84:28:
30:36:5f:de:6b:1d:75:97:de:c5:29:04:76:ca:2a:
46:6a:cc:83:24:92:77:b3:70:33:cc:e6:2b:e8:f4:
ba:24:c1:fc:87:a3:10:01:cb:d7:9f:68:e5:3e:9b:
e5:07:e8:b6:d1:6d:5a:52:89:f3:25:3f:87:06:4d:
ea:f1:2e:d8:d4:55:14:22:1c:1b:62:fa:b6:5b:8a:
ac:12:06:b5:02:c9:2a:ea:d1:78:22:c0:4f:f0:5c:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0D:51:56:93:08:EF:1F:F4:F6:7A:4B:BB:DA:3F:A5:F0:9D:48:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6620B7FE3E1F11F09736D5C5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.20.0/22
156.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:12:82:fd:36:32:1c:c4:0d:cb:02:93:ac:19:df:ce:22:9c:
5e:61:3c:b1:41:0c:95:99:9f:7b:5a:53:d7:9a:5d:aa:25:8d:
73:00:4d:21:55:98:b2:bd:f0:77:cc:af:b3:c9:69:b7:93:dd:
48:24:1d:54:44:21:31:1e:da:c8:e8:27:05:42:39:67:35:97:
74:8f:3f:f4:d7:06:03:20:ff:95:5f:6f:30:b3:15:14:c2:f8:
94:36:1f:7e:ef:3d:8d:56:34:f4:d7:92:52:80:75:95:94:58:
b3:21:30:ab:6b:23:bd:8a:23:4f:08:8f:60:c0:ac:e8:1b:2f:
af:a6:82:b3:0a:ee:a2:31:f3:26:73:c3:09:ee:75:40:44:b8:
d1:7e:d2:77:2c:64:a3:f1:5e:a6:79:d9:89:5e:e4:76:dd:ec:
3f:2d:0b:a4:82:90:9d:35:e3:1a:bc:99:79:12:30:87:4a:c1:
9b:e4:eb:dd:9e:38:45:9a:b0:63:c5:ce:77:14:c6:4a:72:a6:
f8:4c:03:79:61:ce:29:e5:65:bb:0f:38:a8:b3:87:f7:7f:1e:
b2:58:30:08:7a:e0:b5:e0:12:16:b6:8d:34:c6:85:04:7b:00:
4e:84:c5:b1:73:7d:71:59:60:c2:d8:ee:6b:94:a2:b7:2b:d7:
c6:d7:02:9e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVkKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMxMTMwMTM4WhcNMjUwNzA4MTMwMTM4WjAYMRYw
FAYDVQQDEw02ODNhZmRiNy1iMjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxLWPoRlimMq37ns+3xG+RZeSgsA+f3+O4bCw+Eas0j13wfQXNXBVwv9L
EVKC7Qd/IKFDaM83ankxMtVN4PWocODQs74bP1woIuZEeFCCHsZS3/MlfVgcFACr
iyslVEe2avvTAFx83X7V4XRYk/4wZFvCf/dpK0yicvHG/wot+hJJ5+PjJ2pVHoz4
D/ktmIja8sz7qX0CB3v5wUElSf7VqmGOhCgwNl/eax11l97FKQR2yipGasyDJJJ3
s3AzzOYr6PS6JMH8h6MQAcvXn2jlPpvlB+i20W1aUonzJT+HBk3q8S7Y1FUUIhwb
Yvq2W4qsEga1Askq6tF4IsBP8FyX/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN0N
UVaTCO8f9PZ6S7vaP6XwnUiZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjIwQjdGRTNFMUYxMUYwOTczNkQ1QzVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPcUAwQEnP5gMA0GCSqGSIb3
DQEBCwUAA4IBAQBPEoL9NjIcxA3LApOsGd/OIpxeYTyxQQyVmZ97WlPXml2qJY1z
AE0hVZiyvfB3zK+zyWm3k91IJB1URCExHtrI6CcFQjlnNZd0jz/01wYDIP+VX28w
sxUUwviUNh9+7z2NVjT015JSgHWVlFizITCrayO9iiNPCI9gwKzoGy+vpoKzCu6i
MfMmc8MJ7nVARLjRftJ3LGSj8V6medmJXuR23ew/LQukgpCdNeMavJl5EjCHSsGb
5OvdnjhFmrBjxc53FMZKcqb4TAN5Yc4p5WW7Dzios4f3fx6yWDAIeuC14BIWto00
xoUEewBOhMWxc31xWWDC2O5rlKK3K9fG1wKe
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:33:13 2025 by rpki-client